-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
190 lines (190 loc) · 6.21 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
name: ci
on:
push:
branches: main
pull_request:
jobs:
setup:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: yarn
- name: Determine whether the current PR is a draft
id: set-is-draft
if: github.event_name == 'pull_request' && github.event.pull_request.number
run: echo "IS_DRAFT=$(gh pr view --json isDraft --jq '.isDraft' "${PR_NUMBER}")" >> "$GITHUB_OUTPUT"
env:
PR_NUMBER: ${{ github.event.pull_request.number }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup registry config for using package previews on draft PRs
if: github.event_name == 'pull_request' && steps.set-is-draft.outputs.IS_DRAFT == 'true'
run: printf '%s\n\n%s' '@metamask:registry=https://npm.pkg.github.com' "//npm.pkg.github.com/:_authToken=${PACKAGE_READ_TOKEN}" > .npmrc
env:
PACKAGE_READ_TOKEN: ${{ secrets.PACKAGE_READ_TOKEN }}
- run: yarn setup:node
- name: Require clean working directory
shell: bash
run: |
if ! git diff --exit-code; then
echo "Working tree dirty at end of job"
exit 1
fi
dedupe:
runs-on: ubuntu-20.04
needs: setup
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: yarn
- run: yarn setup:node
- name: Deduplicate dependencies
run: yarn deduplicate
- name: Print error if duplicates found
shell: bash
run: |
if ! git diff --exit-code; then
echo "Duplicate dependencies detected; run 'yarn deduplicate' to remove them"
exit 1
fi
scripts:
runs-on: ubuntu-20.04
needs: setup
strategy:
matrix:
scripts:
- lint
- lint:tsc
- audit:ci
- test:depcheck
- test:tgz-check
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: yarn
- run: yarn setup:node
- run: yarn ${{ matrix['scripts'] }}
- name: Require clean working directory
shell: bash
run: |
if ! git diff --exit-code; then
echo "Working tree dirty at end of job"
exit 1
fi
unit-tests:
runs-on: ubuntu-20.04
needs: setup
strategy:
matrix:
shard: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: yarn
- run: yarn setup
# The "10" in this command is the total number of shards. It must be kept
# in sync with the length of matrix.shard
- run: yarn test:unit --shard=${{ matrix.shard }}/10 --forceExit --silent --coverageReporters=json
env:
NODE_OPTIONS: --max_old_space_size=20480
- name: Rename coverage report to include shard number
shell: bash
run: |
mv ./tests/coverage/coverage-final.json ./tests/coverage/coverage-${{ matrix.shard }}.json
- uses: actions/upload-artifact@v3
with:
name: coverage-${{ matrix.shard }}
path: ./tests/coverage/coverage-${{ matrix.shard }}.json
if-no-files-found: error
- name: Require clean working directory
shell: bash
run: |
if ! git diff --exit-code; then
echo "Working tree dirty at end of job"
exit 1
fi
merge-unit-tests:
runs-on: ubuntu-20.04
needs: unit-tests
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: yarn
- run: yarn setup
- uses: actions/download-artifact@v3
with:
path: tests/coverage/
- name: Gather partial coverage reports into one directory
shell: bash
run: |
mv ./tests/coverage/coverage-*/* ./tests/coverage
- run: yarn test:merge-coverage
- run: yarn test:validate-coverage
- uses: actions/upload-artifact@v3
with:
name: coverage
path: ./tests/merged-coverage/lcov.info
if-no-files-found: error
- name: Require clean working directory
shell: bash
run: |
if ! git diff --exit-code; then
echo "Working tree dirty at end of job"
exit 1
fi
sonar-cloud:
runs-on: ubuntu-20.04
needs: merge-unit-tests
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # SonarCloud needs a full checkout to perform necessary analysis
- uses: actions/download-artifact@v3
with:
name: coverage
path: coverage/
- name: Upload coverage reports to Codecov
if: ${{ always() }}
uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70
- name: SonarCloud Scan
if: ${{ env.HAVE_SONAR_TOKEN == 'true' }}
# This is SonarSource/[email protected]
uses: SonarSource/sonarcloud-github-action@4b4d7634dab97dcee0b75763a54a6dc92a9e6bc1
env:
HAVE_SONAR_TOKEN: ${{ secrets.SONAR_TOKEN != '' }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Require clean working directory
shell: bash
run: |
if ! git diff --exit-code; then
echo "Working tree dirty at end of job"
exit 1
fi
check-workflows:
name: Check workflows
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Download actionlint
id: download-actionlint
run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/62dc61a45fc95efe8c800af7a557ab0b9165d63b/scripts/download-actionlint.bash) 1.7.1
shell: bash
- name: Check workflow files
run: ${{ steps.download-actionlint.outputs.executable }} -color
shell: bash
all-jobs-pass:
name: All jobs pass
runs-on: ubuntu-20.04
needs: [setup, dedupe, scripts, unit-tests, check-workflows, sonar-cloud]
steps:
- run: echo "Great success!"